/*
 * Validate the captcha cookie carried by the request against the captcha API.
 *
 * Returns true when the request may pass: the captcha was solved (pass_reason
 * = PASS_REASON_CAPTCHA), or the captcha payload could not be formatted, which
 * this module treats as fail-open (pass_reason = PASS_REASON_ERROR). Returns
 * false when no captcha cookie is present, the captcha was rejected, or the
 * validation request timed out / failed; on the last two paths pass_reason is
 * set to PASS_REASON_CAPTCHA_TIMEOUT / PASS_REASON_ERROR respectively and the
 * caller decides what to do with the request.
 */
static bool verify_captcha(request_context *ctx) {
    if (!ctx->px_captcha) {
        return false;
    }

    px_config *conf = ctx->conf;

    /* Scope the cookie removal to the host domain only when configured. */
    const char *cookie_domain = "";
    if (conf->captcha_subdomain) {
        get_host_domain(ctx, &cookie_domain);
    }

    /* The captcha cookie is single-use: drop it now so a captured value cannot
     * be replayed on a later request. Failure to remove it is only logged. */
    const apr_status_t rm = ap_cookie_remove(ctx->r, CAPTCHA_COOKIE, cookie_domain,
                                             ctx->r->headers_out, ctx->r->err_headers_out, NULL);
    if (rm != APR_SUCCESS) {
        px_log_debug("Could not remove _pxCaptcha from request");
    }

    char *payload = create_captcha_payload(ctx, conf);
    if (payload == NULL) {
        /* Fail-open: a formatting error lets the request through with an
         * error reason rather than blocking it. */
        px_log_debug_fmt("failed to format captcha payload. url: %s", ctx->full_url);
        ctx->pass_reason = PASS_REASON_ERROR;
        return true;
    }

    char *body = NULL;
    const CURLcode rc = post_request(conf->captcha_api_url, payload, conf->connect_timeout_ms,
                                     conf->captcha_timeout, conf, ctx, &body, &ctx->api_rtt);
    free(payload);

    switch (rc) {
    case CURLE_OK: {
        /* NOTE(review): assumes post_request always sets body on CURLE_OK;
         * passing NULL to %s is undefined behaviour -- confirm against post_request. */
        px_log_debug_fmt("server response %s", body);
        captcha_response *parsed = parse_captcha_response(body, ctx);
        free(body);
        /* Only an explicit status of 0 from the API counts as a solved captcha. */
        if (parsed != NULL && parsed->status == 0) {
            ctx->pass_reason = PASS_REASON_CAPTCHA;
            return true;
        }
        return false;
    }
    case CURLE_OPERATION_TIMEDOUT:
        ctx->pass_reason = PASS_REASON_CAPTCHA_TIMEOUT;
        px_log_debug("Captcha response timeout - passing request");
        return false;
    default:
        ctx->pass_reason = PASS_REASON_ERROR;
        px_log_debug_fmt("failed to perform captcha validation request. url: %s", ctx->full_url);
        return false;
    }
}
/**
 * Write the session into the configured session cookie(s).
 *
 * Emits an RFC2109 Set-Cookie header for the cookie named by
 * SessionCookieName and an RFC2965 Set-Cookie2 header for the cookie named by
 * SessionCookieName2, whichever of the two are configured. When the session
 * has no encoded form, the corresponding cookie is removed instead, so a
 * cleared session does not leave a stale cookie on the client. The cookie
 * attributes from the directory configuration are applied to each cookie.
 *
 * The response is also marked "Cache-Control: no-cache" so that pages
 * protected by a session are not served from a cache.
 *
 * @param r The request pointer.
 * @param z The session; its encoded form (z->encoded) and max-age
 *          (z->maxage) are what is written into the cookie.
 * @return OK when at least one session cookie name is configured,
 *         DECLINED otherwise.
 */
static apr_status_t session_cookie_save(request_rec * r, session_rec * z) {
    session_cookie_dir_conf *dir_conf =
        ap_get_module_config(r->per_dir_config, &session_cookie_module);
    const bool has_session = (z->encoded != NULL && z->encoded[0] != '\0');

    /* Session-protected pages must not be cached. */
    apr_table_addn(r->headers_out, "Cache-Control", "no-cache");

    /* RFC2109 cookie (SessionCookieName). */
    if (dir_conf->name_set) {
        if (has_session) {
            ap_cookie_write(r, dir_conf->name, z->encoded, dir_conf->name_attrs, z->maxage,
                            r->headers_out, r->err_headers_out, NULL);
        } else {
            ap_cookie_remove(r, dir_conf->name, dir_conf->name_attrs,
                             r->headers_out, r->err_headers_out, NULL);
        }
    }

    /* RFC2965 cookie (SessionCookieName2). */
    if (dir_conf->name2_set) {
        if (has_session) {
            ap_cookie_write2(r, dir_conf->name2, z->encoded, dir_conf->name2_attrs, z->maxage,
                             r->headers_out, r->err_headers_out, NULL);
        } else {
            ap_cookie_remove2(r, dir_conf->name2, dir_conf->name2_attrs,
                              r->headers_out, r->err_headers_out, NULL);
        }
    }

    return (dir_conf->name_set || dir_conf->name2_set) ? OK : DECLINED;
}